Skip to main content

Emerging Threat Scans explained

Everything you need to know about ETS

Updated this week

How do they work?

As soon as we identify a new vulnerability that could critically affect your systems, we'll automatically kick off a scan on all your active, external targets (license permitting). Please note that you cannot initiate them manually.

Can I see all the ETS that have run?

Yes, just head to Scans > Emerging Threats:

Where can I find more details about each ETS?

If you're on the page shown in the screenshot above, click the check you're interested in and you'll be taken to the scan's detail page, where you'll see a whole host of details, including the targets scanned, the check published date, scan start date (and time), scan completed date (and time), as well as details about the check itself (CVSS rating and CVE):

You also have the option to filter your targets by:

  • Result: Passed or Failed

  • Target status: Active, Unresponsive, or License exceeded.
    ​

⚠️ Please be aware that unresponsive or unlicensed targets are not checked for Emerging Threats.


Why don't failed checks show on my issues page immediately?

Emerging Threat Scans are run as soon as the check becomes available, before the team has even mapped the CVE to an issue title, written the description, or curated the remediation advice. We do this to ensure the fastest response time possible.

Once the first ETS has run, we add it to the list of default checks, so if the issue is found on a subsequent scan, you'll see it show up on the issues page, along with all the extra details you're after.

To rescan your targets once you've fixed any failures, use the Scan now functionality to kick off a new scan.

Do Emerging Threat Scans consume licenses?

Yes, they do. An Emerging Threat Scan will run on as many targets as you have licenses, so if you have five unscanned targets and five licenses available, then all of those licenses will be assigned and consumed as soon as the ETS runs.
​

If any of your targets are already consuming licenses, then the 30-day license period will be reset in line with the ETS start date/time. Also, any of your targets in need of a license will be flagged.

Can I disable them?

Yes, of course. To do that, head to Settings > Scans, and toggle Emerging Threat Scans off.


FAQs

What vulnerability rating qualifies for an ETS?

Any new external vulnerability rated Medium, High, or Critical will qualify for an ETS.

How does the scanner know when an ETS is applicable for a specific target?

There are some plugins that have a dependency check, which informs the scanner whether the plugin will be relevant or not. WordPress, JS library, and web-app checks are all great examples of where a dependency check will determine whether the scan needs to run or not.


πŸ‘‰ Emerging Threat Scan features are only available for customers on our Cloud, Pro, Enterprise, and Vanguard plans.

πŸ‘‰ Enterprise users receive priority ETS.

Did this answer your question?